During the Corona / Covid-19 outbreak, this training can also be Live Online attended. You follow the training live remotely with our own instructor, view the slides and notes on the whiteboard, interact with fellow participants and can ask questions whenever you want. Basically just like a classroom training but from your own location. If the Live Online training does not meet your expectations, you may attend it in person with us again free of charge within a year.

In the 5-day PECB Lead Cloud Security Manager training, you will learn to master the implementation and management of a cloud security program based on ISO 27017 and 27018. Both provide clear guidelines for both cloud providers and their customers regarding the specific measures needed to address both cloud security and privacy issues. The focus here is on planning, implementing, managing, monitoring, and maintaining the correct processes to manage cloud security risks. This is important when you, as an organization, want to demonstrate control over these risks to customers or other stakeholders.

By participating in this training, you will gain extensive knowledge and skills in the concepts and principles of cloud computing, the specific aspects of cloud security risk management, cloud-specific measures, cloud security incident management and cloud security testing and audits. Upon completion of the training, you will demonstrate your ability to manage a cloud security program based on best practices by passing the associated exam.

What will I master or know after this training?

• Know and be able to apply the general and cloud-specific measures, concepts, approaches, methods, and techniques used in the implementation and effective management of a cloud security program
• Be able to indicate the correlation between ISO/IEC 27017, ISO/IEC 27018, and other relevant standards and regulatory frameworks
• Interpret and apply the guidelines of ISO/IEC 27017 and ISO/IEC 27018 in the specific context of an organization
• Support an organization in effectively planning, implementing, managing, monitoring, and maintaining a cloud security program
• Advise an organization on managing a cloud security program by following best practices
• Test, monitor, and continually improve cloud security incident management

Duration of training

5 days

General content

Introduction to ISO/IEC 27017 and ISO/IEC 27018, and the initiation of a cloud security program

• Training course objectives and structure
• Standards and regulatory frameworks
• Fundamental cloud computing concepts and principles
• Understanding the organization’s cloud computing architecture
• Information security roles and responsibilities related to cloud computing
• Information security policy for cloud computing

Cloud computing security risk management and cloud-specific controls

• Cloud computing security risk management
• Selection and design of cloud-specific controls
• Implementation of cloud-specific controls (part 1) 

Documented information management and cloud security awareness and training  

• Implementation of cloud-specific controls (part 2)
• Documented information management in the cloud
• Cloud security awareness and training

Cloud security incident management, testing, monitoring, and continual improvement

• Cloud security incident management
• Cloud security testing
• Monitoring, measurement, analysis, and evaluation
• Continual improvement

 Certification Exam